/*
 * Copyright 1999-2018 Alibaba Group Holding Ltd.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.huzhp.dashboard.auth;

/**
 * <p>The Servlet filter for authentication.</p>
 * <p>
 * <p>Note: some urls are excluded as they needn't auth, such as:</p>
 * <ul>
 * <li>index url: {@code /}</li>
 * <li>authentication request url: {@code /login}, {@code /logout}</li>
 * <li>machine registry: {@code /registry/machine}</li>
 * <li>static resources</li>
 * </ul>
 * <p>
 * The excluded urls and urlSuffixes could be configured in {@code application.properties} file.
 *
 * @author cdfive
 * @since 1.6.0
 */
//@Component
//public class LoginAuthenticationFilter implements Filter {
//
//    private static final String URL_SUFFIX_DOT = ".";
//
//    /**
//     * Some urls which needn't auth, such as /auth/login, /registry/machine and so on.
//     */
//    @Value("#{'${auth.filter.exclude-urls}'.split(',')}")
//    private List<String> authFilterExcludeUrls;
//
//    /**
//     * Some urls with suffixes which needn't auth, such as htm, html, js and so on.
//     */
//    @Value("#{'${auth.filter.exclude-url-suffixes}'.split(',')}")
//    private List<String> authFilterExcludeUrlSuffixes;
//
//    /**
//     * Authentication using AuthService interface.
//     */
//    @Autowired
//    private AuthService<HttpServletRequest> authService;
//
//    @Override
//    public void init(FilterConfig filterConfig) throws ServletException {
//
//    }
//
//    @Override
//    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
//        throws IOException, ServletException {
//        HttpServletRequest httpRequest = (HttpServletRequest) request;
//
//        String servletPath = httpRequest.getServletPath();
//
//        // Exclude the urls which needn't auth
//        if (authFilterExcludeUrls.contains(servletPath)) {
//            chain.doFilter(request, response);
//            return;
//        }
//
//        // Exclude the urls with suffixes which needn't auth
//        for (String authFilterExcludeUrlSuffix : authFilterExcludeUrlSuffixes) {
//            if (StringUtils.isBlank(authFilterExcludeUrlSuffix)) {
//                continue;
//            }
//
//            // Add . for url suffix so that we needn't add . in property file
//            if (!authFilterExcludeUrlSuffix.startsWith(URL_SUFFIX_DOT)) {
//                authFilterExcludeUrlSuffix = URL_SUFFIX_DOT + authFilterExcludeUrlSuffix;
//            }
//
//            if (servletPath.endsWith(authFilterExcludeUrlSuffix)) {
//                chain.doFilter(request, response);
//                return;
//            }
//        }
//
//        AuthService.AuthUser authUser = authService.getAuthUser(httpRequest);
//
//        HttpServletResponse httpResponse = (HttpServletResponse) response;
//        if (authUser == null) {
//            // If auth fail, set response status code to 401
//            httpResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
//        } else {
//            chain.doFilter(request, response);
//        }
//    }
//
//    @Override
//    public void destroy() {
//
//    }
//}
